q792602257
18f6c8bd2e
feat(acp): SessionService.Create issues system MCP token in tx
...
- InTx wraps InsertSession + IssueSystemTokenWithTx (spec §6.1 atomic guarantee)
- Tx failure -> releaseOnFailure (worktree rollback)
- Spawn called with extraEnv = ACW_MCP_TOKEN + ACW_MCP_URL
- Spawn failure -> RevokeBySession (idempotent) + releaseOnFailure
- app.go SessionService construction updated with mcpTokens + config
- Unit tests: token issuance happy path + rollback on token failure
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 13:01:16 +08:00
q792602257
146dca7738
feat(jobs): mcp_tokens_purge runner (spec §6.5)
...
- Periodic delete of mcp_tokens where (expired OR revoked) before retention
- 24h interval default, 7d retention default
- Mirrors acp_events_purge pattern: idempotent, error-tolerant
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 12:56:10 +08:00
q792602257
702daced7d
feat(acp): Supervisor.onExit revokes system MCP token (spec §6.3)
...
- mcpTokens dep added to Supervisor; nil-safe (test fixtures may skip)
- RevokeBySession called after audit Record in onExit
- app.go wires mcpTokenSvc (was nil placeholder)
- Integration test: fakeSupMCPTokens verifies onExit calls RevokeBySession
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 12:52:25 +08:00
q792602257
d44ffc851f
feat(acp): Supervisor.Spawn extraEnv parameter
...
- extraEnv overrides agent_kinds.encrypted_env same-name keys (spec §6.1 #11 )
- Prevents admin from hard-coding ACW_MCP_TOKEN in agent_kinds
- SessionService passes nil for now; system token wiring lands in I4
- BuildSpawnEnv exported for testing the override priority
- Fix app.go NewSupervisor call to match updated signature (from I5)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 12:46:50 +08:00
q792602257
3a448cee5f
feat(mcp): IssueSystemTokenWithTx for cross-module tx (spec §6.1)
...
- Extract issueSystemToken helper; pool-bound + tx-bound entries share impl
- IssueSystemTokenWithTx accepts pgx.Tx, uses repo.WithTx(tx) for DB writes
- Audit Record stays outside tx (audit failure doesn't roll back business path)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 12:44:37 +08:00
q792602257
33057e885f
feat(config): add jobs.mcp_tokens_purge config (spec §6.6)
...
Default: enabled=true, interval=24h, retention=168h (7 days).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 12:43:40 +08:00
q792602257
be8d5e3a1b
feat(mcp,acp): Repository.WithTx + acp.Repository.InTx
...
Cross-module transactional support for spec §6.1: ACP CreateSession must
atomically insert acp_sessions row + mcp_tokens row (FK NOT NULL).
- mcp.Repository.WithTx(tx) -> Repository (tx-bound, no pool)
- acp.Repository.InTx(ctx, fn) -> error (pgx.BeginFunc wrapper)
- acp.Repository.WithTx(tx) -> Repository (tx-bound)
- Update fakeRepos in test files to satisfy new interface methods
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 12:40:54 +08:00
q792602257
62d9a91ca5
test(mcp): 13 PM tool tests + fix jsonschema tags
...
Add tools_pm_test.go with 13 integration tests covering all 16 PM
tools via SDK in-memory transport with fake services.
Fix jsonschema tags in tools_pm.go and tools_chat.go — SDK's tag
parser rejects "required,min=1" and "required,description=X" syntax;
use plain description text instead (non-pointer fields are auto-required).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 11:52:24 +08:00
q792602257
7d9164d478
feat(mcp): 16 PM tools + chat tool + 6 resource URIs + admin token UI
...
Phase F: tools_pm.go — list/get/create/update/close/reopen/assign for
projects, workspaces, requirements, issues (16 tools total).
Phase G: tools_chat.go — list_recent_messages tool; resources.go — 6 PM
resource URI templates (projects, project-detail, requirements, issues,
workspaces, workspace-detail).
Phase H: frontend admin UI — mcpTokens API client, Pinia store,
MCPTokenAdminView with create/revoke/list, router entry, NavBar link.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 11:27:47 +08:00
q792602257
d0efe2bdd4
feat(mcp): admin token CRUD HTTP handler (POST/GET/DELETE) + TokenService.List/GetByID
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 11:04:37 +08:00
q792602257
2d6521e610
feat(mcp): prompts registration via RegisterSystemPrompts (system-scope only)
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 10:52:54 +08:00
q792602257
5cccc97edd
feat(app): wire MCP module — repo/service/ratelimiter/server + transport mount + AuditWrap
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 10:44:17 +08:00
q792602257
6ce21d178e
feat(mcp): mount Streamable HTTP + legacy SSE transports with auth+ratelimit
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 10:37:48 +08:00
q792602257
5fd4eab7ca
feat(mcp): audit recorder wrapper injecting via_mcp + mcp_token_id from ctx
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 10:35:44 +08:00
q792602257
d6279c6ee1
feat(mcp): scope check helpers (CheckToolFromCtx + CheckProjectFromCtx)
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 10:34:54 +08:00
q792602257
59e0138e7c
feat(mcp): CallerResolver (AuthSession -> project.Caller bridge)
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 10:34:47 +08:00
q792602257
319b3a8baa
feat(mcp): add MCP Go SDK v1.6.0 + NewMCPServer scaffold with register stubs
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 10:34:08 +08:00
q792602257
a00f5a9efd
refactor(mcp): apply Part 1 review I1+I3+I4+I5
...
- Rename MCPToken -> Token (mcp.Token reads cleaner; zero external callers yet)
- IssueSystemToken: guard against nil ACPSessionID / UserID (early input validation)
- TokenService: inject now func for clock injection (parity with RateLimiter)
- Repository CHECK constraint tests: assert wrapped CodeInternal
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-05-08 10:28:49 +08:00
q792602257
980c6fcf0e
models
2026-05-08 08:57:09 +08:00
q792602257
71a3a85b26
fix(mcp): code review I2 — admin expires_at must be future + Part 3 tx TODO + scope JSON round-trip tests
...
- IssueAdmin now rejects past/now ExpiresAt with CodeMcpTokenExpiresRequired
- TestIssueAdmin_ExpiresMustBeFuture covers the new path
- IssueSystemToken doc comment notes pgRepo currently ignores ctx tx; Part 3
must add Repository.WithTx for true same-transaction guarantee with
acp_sessions (spec §6.1)
- New scope_test.go (whitebox) verifies JSON round-trip preserves nil-vs-empty
semantics on Tools / ProjectIDs and exercises AllowsTool / AllowsProject
edges that Authenticate / future tool gating depend on
2026-05-08 08:30:26 +08:00
q792602257
c046d77a6e
test(mcp): auth middleware + rate limiter tests
2026-05-08 08:11:02 +08:00
q792602257
e1e6508c4c
feat(mcp): rate limit middleware (per-token + global token bucket, 1-min window)
2026-05-08 08:08:13 +08:00
q792602257
416a7d5023
feat(mcp): auth middleware (Bearer + ?token= fallback)
2026-05-08 08:06:41 +08:00
q792602257
8031579487
test(mcp): TokenService unit tests with fake repo
2026-05-08 08:04:54 +08:00
q792602257
7d9cd4bf6b
feat(mcp): TokenService.Revoke + RevokeBySession (with audit)
2026-05-08 08:02:11 +08:00
q792602257
796e1e0d4c
feat(mcp): TokenService.Authenticate (hash lookup + revoked/expired check + async last_used)
2026-05-08 08:00:35 +08:00
q792602257
0081ad6e49
feat(mcp): TokenService.IssueSystemToken (with default scope + 24h TTL)
2026-05-08 07:59:00 +08:00
q792602257
d1573bde09
feat(mcp): TokenService skeleton + IssueAdmin
2026-05-08 07:57:17 +08:00
q792602257
4071778930
test(mcp): RevokeBySession + ReapStaleSystemTokens integration
2026-05-08 07:27:59 +08:00
q792602257
d431b8103d
test(mcp): repository CRUD + CHECK constraints + filter + purge integration
2026-05-08 07:25:21 +08:00
q792602257
bb512c0029
feat(mcp): repository RevokeBySession + ReapStaleSystemTokens + PurgeExpired
2026-05-08 07:22:16 +08:00
q792602257
21f29a68b5
feat(mcp): repository List + UpdateLastUsed + Revoke + DeleteByID
2026-05-08 07:20:19 +08:00
q792602257
3d16e4a877
feat(mcp): repository skeleton + Create + GetByHash + GetByID
2026-05-08 07:18:09 +08:00
q792602257
30a85d1b2d
feat(config): add MCPConfig (enabled / public_url / system_token_ttl / rate_limit)
2026-05-08 07:14:24 +08:00
q792602257
29b4c50888
feat(mcp): plaintext token generator + SHA-256 hash helper
2026-05-08 07:12:43 +08:00
q792602257
a3710c8645
feat(mcp): domain types — Issuer / Scope / MCPToken + helpers
2026-05-08 07:11:03 +08:00
q792602257
b1db7841c7
feat(errs): add 8 MCP error codes + HTTPStatus mapping
2026-05-08 07:09:26 +08:00
q792602257
39f57df882
feat(mcp): sqlc queries for mcp_tokens (CRUD + revoke + reaper + purge)
2026-05-08 07:07:47 +08:00
q792602257
ce53c54fde
test(acp): integration matrix scaffold + 3 implemented scenarios (CreateSuccess/Quota/BranchConflict)
2026-05-07 18:18:08 +08:00
q792602257
faebfc3135
feat(app): wire acp_events_purge runner into jobs scheduler
2026-05-07 17:47:50 +08:00
q792602257
4c19ce29ca
feat(jobs): acp_events_purge runner (retention-based cron cleanup)
2026-05-07 17:39:57 +08:00
q792602257
b22aacee62
feat(middleware): support ?token= query param fallback for browser WebSocket auth
2026-05-07 17:30:10 +08:00
q792602257
70ffddb76c
test(acp): handler integration e2e (POST session + WS state event + DELETE)
2026-05-07 17:20:33 +08:00
q792602257
f5f048083a
feat(acp): WebSocket session handler (history + live + ping/pong + owner-only prompt/cancel)
2026-05-07 17:08:09 +08:00
q792602257
72cd353757
feat(acp): handler refactor + sessions REST endpoints (list/create/get/delete/events)
2026-05-07 14:34:47 +08:00
q792602257
26011975b4
feat(app): wire ACP Supervisor + SessionService + startup reaper
2026-05-07 14:29:14 +08:00
q792602257
90f910fcdd
feat(acp): SessionService.Create with worktree acquire + supervisor.Spawn
2026-05-07 14:23:01 +08:00
q792602257
3e50da4a49
feat(workspace): session-scoped Caller.Holder + ReleaseByHolder for ACP integration
2026-05-07 14:21:00 +08:00
q792602257
9fc96b0a1a
feat(acp): SessionService skeleton + ResolveBranch (5 paths) + tests
2026-05-07 14:11:47 +08:00
q792602257
ce28b822f9
feat(acp): SessionService interface + CreateSessionInput
2026-05-07 14:09:42 +08:00